class ActionDispatch::ContentSecurityPolicy

def block_all_mixed_content(enabled = true)

policy.block_all_mixed_content false

Pass `false` to allow it again:

policy.block_all_mixed_content

when the page uses HTTPS:
Specify whether to prevent the user agent from loading any assets over HTTP

def block_all_mixed_content(enabled = true)
  if enabled
    @directives["block-all-mixed-content"] = true
  else
    @directives.delete("block-all-mixed-content")
  end
end

Instance Methods

# apply_mapping
# apply_mappings
# block_all_mixed_content
# build
# build_directive
# build_directives
# initialize
# initialize_copy
# nonce_directive?
# plugin_types
# report_uri
# require_sri_for
# resolve_source
# sandbox
# upgrade_insecure_requests
# validate

Modules

Classes

class ActionDispatch::ContentSecurityPolicy

def block_all_mixed_content(enabled = true)

Instance Methods